今天例行查看 VPS 发现了很多奇怪的连接,请大家帮忙看看是怎么回事。

2017-03-09 23:40:32 +08:00
 daxy223

刚刚登陆 vps 随手打了一个 sudo ss -tanp 想看看连接,理论上应该只有 sshd 的因为是前几天刚刚重装的系统还没开始用。但是结果是这样的:

State      Recv-Q Send-Q                                                          Local Address:Port                                                                         Peer Address:Port              
LISTEN     0      100                                                                 127.0.0.1:25                                                                                      *:*                   users:(("master",pid=897,fd=12))
LISTEN     0      128                                                                         *:4484                                                                                    *:*                   users:(("sshd",pid=802,fd=3))
TIME-WAIT  0      0                                                             103.200.126.211:58748                                                                      124.202.159.69:80                 
TIME-WAIT  0      0                                                             103.200.126.211:46486                                                                       193.28.235.36:80                 
TIME-WAIT  0      0                                                             103.200.126.211:50766                                                                        193.219.28.2:80                 
TIME-WAIT  0      0                                                             103.200.126.211:36826                                                                       210.71.189.53:80                 
TIME-WAIT  0      0                                                             103.200.126.211:51450                                                                        72.4.120.219:80                 
TIME-WAIT  0      0                                                             103.200.126.211:33962                                                                       149.56.229.30:80                 
TIME-WAIT  0      0                                                             103.200.126.211:36290                                                                        85.13.241.50:80                 
TIME-WAIT  0      0                                                             103.200.126.211:38172                                                                       133.24.248.18:80                 
TIME-WAIT  0      0                                                             103.200.126.211:57468                                                                         146.6.54.21:80                 
TIME-WAIT  0      0                                                             103.200.126.211:58472                                                                      103.29.148.124:80                 
TIME-WAIT  0      0                                                             103.200.126.211:39606                                                                      166.78.229.131:80                 
TIME-WAIT  0      0                                                             103.200.126.211:47384                                                                       89.38.249.150:80                 
TIME-WAIT  0      0                                                             103.200.126.211:58758                                                                      124.202.159.69:80                 
TIME-WAIT  0      0                                                             103.200.126.211:36384                                                                      200.93.227.165:80                 
TIME-WAIT  0      0                                                             103.200.126.211:49354                                                                        94.236.26.35:80                 
TIME-WAIT  0      0                                                             103.200.126.211:42696                                                                      104.129.31.245:80                 
TIME-WAIT  0      0                                                             103.200.126.211:59762                                                                      219.216.128.25:80                 
TIME-WAIT  0      0                                                             103.200.126.211:43496                                                                       147.52.159.12:80                 
TIME-WAIT  0      0                                                             103.200.126.211:49804                                                                      141.138.141.28:80                 
TIME-WAIT  0      0                                                             103.200.126.211:43926                                                                        150.65.7.130:80                 
TIME-WAIT  0      0                                                             103.200.126.211:57476                                                                      123.255.202.74:80                 
TIME-WAIT  0      0                                                             103.200.126.211:36270                                                                        85.13.241.50:80                 
TIME-WAIT  0      0                                                             103.200.126.211:42366                                                                         96.44.142.5:80                 
TIME-WAIT  0      0                                                             103.200.126.211:46388                                                                        198.55.111.5:80                 
TIME-WAIT  0      0                                                             103.200.126.211:41792                                                                      201.159.221.67:80                 
TIME-WAIT  0      0                                                             103.200.126.211:33244                                                                      194.105.226.20:80                 
TIME-WAIT  0      0                                                             103.200.126.211:58698                                                                      212.224.83.174:80                 
TIME-WAIT  0      0                                                             103.200.126.211:60970                                                                         160.10.5.26:80                 
TIME-WAIT  0      0                                                             103.200.126.211:53240                                                                        208.81.1.244:80                 
TIME-WAIT  0      0                                                             103.200.126.211:40140                                                                        5.135.66.221:80                 
TIME-WAIT  0      0                                                             103.200.126.211:59772                                                                      219.216.128.25:80                 
TIME-WAIT  0      0                                                             103.200.126.211:60912                                                                     115.186.188.244:80                 
TIME-WAIT  0      0                                                             103.200.126.211:46374                                                                        198.55.111.5:80                 
TIME-WAIT  0      0                                                             103.200.126.211:33720                                                                      180.150.156.88:80                 
TIME-WAIT  0      0                                                             103.200.126.211:41484                                                                       145.220.21.40:80                 
TIME-WAIT  0      0                                                             103.200.126.211:54448                                                                        69.195.83.87:80                 
TIME-WAIT  0      0                                                             103.200.126.211:55948                                                                          62.149.2.9:80                 
TIME-WAIT  0      0                                                             103.200.126.211:49384                                                                        129.102.1.37:80                 
TIME-WAIT  0      0                                                             103.200.126.211:57114                                                                       202.38.97.230:80                 
TIME-WAIT  0      0                                                             103.200.126.211:48400                                                                      125.212.220.48:80                 
TIME-WAIT  0      0                                                             103.200.126.211:43810                                                                        87.121.121.2:80                 
TIME-WAIT  0      0                                                             103.200.126.211:33000                                                                      74.205.112.120:80                 
TIME-WAIT  0      0                                                             103.200.126.211:57124                                                                       202.38.97.230:80                 
TIME-WAIT  0      0                                                             103.200.126.211:36312                                                                         119.9.32.73:80                 
TIME-WAIT  0      0                                                             103.200.126.211:45116                                                                       210.27.80.126:80                 
ESTAB      0      244                                                           103.200.126.211:4484                                                                        60.166.86.230:38212               users:(("sshd",pid=3499,fd=3),("sshd",pid=3495,fd=3))
TIME-WAIT  0      0                                                             103.200.126.211:43092                                                                      103.29.148.124:443                
TIME-WAIT  0      0                                                             103.200.126.211:49334                                                                     140.211.166.134:80                 
TIME-WAIT  0      0                                                             103.200.126.211:50672                                                                      123.58.173.186:80                 
TIME-WAIT  0      0                                                             103.200.126.211:58022                                                                        173.44.32.10:80                 
TIME-WAIT  0      0                                                             103.200.126.211:37848                                                                       192.26.91.193:80                 
TIME-WAIT  0      0                                                             103.200.126.211:59448                                                                      109.68.120.144:80                 
TIME-WAIT  0      0                                                             103.200.126.211:55700                                                                     121.134.248.147:80                 
TIME-WAIT  0      0                                                             103.200.126.211:52678                                                                      109.205.113.85:80                 
TIME-WAIT  0      0                                                             103.200.126.211:35004                                                                      202.90.159.172:443                
TIME-WAIT  0      0                                                             103.200.126.211:60742                                                                       83.166.201.99:80                 
TIME-WAIT  0      0                                                             103.200.126.211:58864                                                                         5.199.174.4:80                 
TIME-WAIT  0      0                                                             103.200.126.211:43178                                                                       103.252.152.2:80                 
TIME-WAIT  0      0                                                             103.200.126.211:46134                                                                         103.52.3.50:80                 
TIME-WAIT  0      0                                                             103.200.126.211:60698                                                                       46.22.137.105:80                 
TIME-WAIT  0      0                                                             103.200.126.211:40152                                                                        134.160.38.1:80                 
TIME-WAIT  0      0                                                             103.200.126.211:60808                                                                        103.246.18.4:80                 
TIME-WAIT  0      0                                                             103.200.126.211:48060                                                                          93.115.3.1:80                 
TIME-WAIT  0      0                                                             103.200.126.211:45118                                                                       210.27.80.126:80                 
LISTEN     0      100                                                                       ::1:25                                                                                     :::*                   users:(("master",pid=897,fd=13))
LISTEN     0      128                                                                        :::4484                                                                                   :::*                   users:(("sshd",pid=802,fd=4))

除了 4484 的 ssh 端口其他都是 time-wait 。之前从来没有这样的情况,我过了十几秒又 sudo ss -tanp 了一下 一切又正常了。

State      Recv-Q Send-Q                                                          Local Address:Port                                                                         Peer Address:Port              
LISTEN     0      100                                                                 127.0.0.1:25                                                                                      *:*                   users:(("master",pid=897,fd=12))
LISTEN     0      128                                                                         *:4484                                                                                    *:*                   users:(("sshd",pid=802,fd=3))
ESTAB      0      280                                                           103.200.126.211:4484                                                                        60.166.86.230:38212               users:(("sshd",pid=3499,fd=3),("sshd",pid=3495,fd=3))
LISTEN     0      100                                                                       ::1:25                                                                                     :::*                   users:(("master",pid=897,fd=13))
LISTEN     0      128                                                                        :::4484                                                                                   :::*                   

大家有遇到过这样的情况吗?我应该到哪里去检查知道具体是出什么问题了。

感谢感谢!

804 次点击
所在节点    VPS
0 条回复

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/346294

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX